2 results (0.006 seconds)

CVSS: 10.0EPSS: 18%CPEs: 18EXPL: 0

Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445. Un desbordamiento de búfer en un determinado controlador en Cisco Security Agent versiones 4.5.1 anteriores a 4.5.1.672, versiones 5.0 anteriores a 5.0.0.225, versiones 5.1 anteriores a 5.1.0.106, y versiones 5.2 anteriores a 5.2.0.238 en Windows, permite a los atacantes remotos ejecutar código arbitrario por medio de un paquete SMB especialmente diseñado en una sesión TCP en el puerto (1) 139 o (2) 445. • http://osvdb.org/39521 http://secunia.com/advisories/27947 http://securityreason.com/securityalert/3425 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618 http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml http://www.nsfocus.com/english/homepage/research/0702.htm http://www.securityfocus.com/archive/1/484669/100/100/threaded http://www.securityfocus.com/bid/26723 http://www.securitytracker.com/id?1019046 http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0

Sygate Security Agent (SSA) in Sygate Secure Enterprise 3.5 through 4.1 does not prevent the security policy from being updated by unprivileged users, which allows local users to modify the policy by exporting the policy file, changing it, and importing it back into SSA. • http://marc.info/?l=bugtraq&m=111335219201828&w=2 •